EHR products

This week eClinicalWorks resolved a lawsuit by agreeing to pay $155 million for falsely claiming it met Meaningful Use (MU) EHR certification criteria. Although the alleged behavior of eClinicalWorks was wrong, we have much more serious problems inflicted by the government-run EHR certification criteria.

The business of EHR vendors is to gain clients and earn profits. Developing innovative tools that help physicians care for patients should be the primary focus of their business. Instead, vendors are held hostage to government-run certification criteria that are constantly changing and sometimes ambiguous. While I do not condone the apparent behavior of eClinicalWorks, I am much more concerned about the certification processes that led to this situation.

The certification process evolved out of the 2009 HITECH Act that promoted the use of EHR technologies by offering incentive payments to hospitals and physicians who successfully adopted and used EHRs. This resulted in an unprecedented rush of business for EHR vendors. While EHR vendors began ramping up resources to meet the demands of the sales cycle and EHR implementations, they were also hit with government-imposed EHR certification criteria--criteria that are still changing frequently and sometimes are ambiguous. This exponential increase in EHR client demands along with rapidly changing certification criteria crushed EHR vendor resource availability. This constraint on resources forced them to focus on developing and testing EHR products to meet the specific certification criteria required by the government. In my opinion, the unintended consequence of overwhelmed EHR vendors is that they then did not have available resources to focus more on:

Improving usability

Identifying and managing patient safety risks inherent to EHR use

Developing innovative tools and functions that actually improve how physicians care for patients

As a result, EHRs were developed to meet MU EHR certification criteria, but failed to improve poor usability. EHR products could meet certification criteria, yet fail to adequately address patient safety risks associated with implementation and use. And the constraint on EHR vendor resource availability remains an impediment to the development of innovative tools and functionalities that EHR vendors really should be focusing on today.

Physicians do benefit from EHR certification by reducing risk during the EHR selection process. That is why the Certification Commission for Health Information Technology (CCHIT) was created in 2006 as an independent, not-for-profit group. CCHIT certification was based on a consensus of stakeholders who determined core functionalities that a basic EHR should provide. I participated in that effort, albeit in a brief, very small way (providing some input on pediatric core criteria). I recall we were careful to avoid requirements that could hinder EHR product innovation. CCHIT ceased operations in 2014 after the government created the MU EHR Certification program.

CCHIT certification was much less prescriptive than what the government imposes today. Less prescriptive EHR certification was, in retrospect, the right approach to take. And we did it without government involvement. Government works at its own hindered pace, and that pace is much slower than what an unencumbered EHR market could accomplish. I think the government needs to get out of the EHR certification business. But whether government remains involved or not, the EHR certification process needs to learn from CCHIT and rely more heavily on building consensus of physician stakeholders. We will do what is best for our patients.

So, this week one vendor was called out by the government for false claims regarding EHR certification. But that one vendor is really not the problem. The real problem is that the development of all EHR products has been, and still is, impeded by the government's EHR certification program.

Many physicians who use an electronic health record (EHR) are having difficulty realizing value in their investment. A recent KLAS survey found that more than one out of every four physician practices are so dissatisfied with their EHR that they are considering replacing it. Although many physician practices have earned a financial award by using an EHR to achieve “meaningful use”, data is lacking on whether or not such efforts actually improve patient outcomes.

I believe, anecdotally, that I practice higher quality medicine when using an EHR. But I am a pediatric emergency medicine physician using a hospital EHR to document patient encounters in a children's hospital's emergency department, not a physician in private practice. On the other hand, my past experience as a a Chief Medical Information Officer (CMIO) and Chief Information Officer (CIO) for my pediatric healthcare system provided opportunities to visit many private physician offices using a variety of ambulatory EHRs and to visit with many EHR vendors. I met many physicians who were happy with their EHRs and see the value. Others I met were unhappy and see no value in their EHR. Perhaps my most eye-opening experience came when I visited with a group of unhappy physicians who were using the same EHR as some happy physicians I had met one week earlier. So what gives?

The answer is simple, but the explanation is complex.

The simple answer is that the value gained from an EHR is dependent on how effectively it is implemented and used. When well-implemented and well-used, an EHR provides clinical and financial value. When poorly-implemented and poorly-used, EHRs detract from patient care and are a financial drain.

The complex explanation might best be explained using examples. So, based on my past visits with physicians who use various EHRs and on other personal research, I have created an outline of what I think are the key factors that allow physicians to gain value from their EHR. I am in the process of writing a series of blogs with case studies to help explain each of these factors. Stay tuned!

The idea’s time has come. The U.S. healthcare system needs a national, independent entity empowered by Congress to oversee health IT patient safety. Now.

In today's world a health IT-related patient safety issue that is identified by a physician practice or hospital is investigated and managed in a nontransparent manner by the individual provider and the EHR vendor.

Although the issue may be escalated to a local accountable care organization (ACO) or patient safety organization (PSO) that providers are increasingly becoming associated with, neither the issue nor the results of the investigation are reported to a statewide or national oversight entity. The patient safety data is therefore not collected, aggregated and analyzed at a state or national level. Without such oversight we are missing out on the opportunity to identify known avoidable health IT risks to patient safety and failing to disseminate knowledge on how to manage those risks. For example, if an issue is resolved at the physician practice between the physicians and EHR vendor but is not addressed at other practices that use the same EHR, then patients at those other practices remain at risk.

I have observed EHR vendors tune in to patient safety issues more keenly in the past decade and sometimes make more visible efforts to ensure identified issues are addressed with all customers and not just the ones who report issues. And let's be clear that a majority of EHR-related patient safety risks are related to how an EHR product is being used or implemented by their clients and not due to inherent technical flaws with the vendor's product. Nevertheless, patient safety should be viewed as a shared responsibility between the physicians, their practices or organizations and the health IT vendors. Identifying and managing patient safety risks is done most effectively when all cooperate in a team effort.

In Texas there had been discussions within the Texas Medical Association about establishing a central, statewide EHR patient safety entity to monitor and manage health IT-related patient safety issues. The data would be rolled up from hospitals, physician practices and patient safety organizations across the state for aggregation and analysis. However, it became evident during those discussions that it would be feasible and much more beneficial to establish governance at a national level.

So why does this need to be a new, independent national agency charged by Congress to oversee health IT patient safety?

Today there are many government agencies and private entities that I believe could and should contribute to patient safety surveillance and improvements, but none have the expertise, assets and time that are necessary to coordinate a national effort. In addition to the complexity involved with collecting and analyzing data from hundreds of institutions and PSOs, there are hundreds of unrelated EHR vendor products being used. There is not yet any available registry of health IT products, many of which are subdivided into multiple versions that sometimes vary widely in their available functionality. As a result, I strongly agree with the observations and recommendations described in an article by Singh, Classen and Sittig (J Patient Saf, Dec 2011; 7(4): 169-174) calling for a national patient safety board that is an independent government agency structured similarly to the National Transportation Safety Board. This entity would be charged by Congress to oversee HIT patient safety and coordinate with other agencies who can contribute to improvement in patient safety such as the Office of the National Coordinator, the Federal Drug Administration, the National Institute of Standards and Technology, the Agency for Healthcare Research and Quality, the Center for Medicare and Medicaid Services, the National Quality Forum, local patient safety organizations, local healthcare organizations who collect patient safety data, other local EHR patient safety reporting entities and industrial (EHR and HIT) trade associations. All of these entities need to function in a cooperative fashion in order to effectively identify and manage health IT-related patient safety risks.

The recent health IT report from the Food and Drug Administration Safety Innovation Act (FDASIA Health IT Report) proposes a framework to improve health IT-related safety risks including a proposed National Patient Safety Center.

I am concerned, however, that the proposal does not appear to provide this entity with enough authority to get the job done effectively. A national patient safety entity must have the authority to not only monitor activity and provide learning opportunities for vendors and providers, but also to regulate activities, investigate events, ensure issue resolution and require compliance. I do not see enough "teeth" given to the entity proposed by the FDASIA report.

The primary focus of a national Health IT Patient Safety Center should be on the dedicated surveillance of HIT-related safety risks and to promote learning from identified issues, potential adverse events (“close calls”) and adverse events. But it must also have the authority to effectively manage identified risks and ensure compliance with best practices for health IT patient safety.

Physicians are disturbed when patient care is put at risk due to a problem caused by their use of an electronic health record (EHR). Although they will generally tolerate the situation when their reported problem is effectively managed in a transparent manner, there are a number of situations that engender scorn for their vendor. The most common scorn-generating situation is when they feel that the patient safety issue they reported has not received a high enough priority from their vendor. These situations should, and often do, resolve when the doctor and vendor communicate a clear understanding of the problem and circumstances.

But it is another situation that I think is much more frustrating. A physician’s expectation is that EHR vendors respond to patient safety issues in the same manner physicians respond to adverse medical events. Physicians engage in peer review activities to not only analyze and resolve a specific adverse event, but also determine a plan that reduces the risk of the adverse event happening again. The most common peer review activities provide legal protections from discovery which promotes transparency and more effective management of the problem. Physicians analogously expect EHR vendors to not only fix their problem, but also to transparently fix it for all other physicians using their product. This puts EHR vendors in a quandary because the legal protections of peer review activities extended to physicians are not extended to EHR vendors.

Resolving this problem will require assistance from the federal and state governments. Along those lines the Office of the National Coordinator for Health Information Technology (ONC) published a Health IT Safety Plan on December 21, 2012, and is accepting public comments on it until February 4, 2013. I believe the most important aspect of this plan is the development and use of patient safety organizations (PSOs) to identify, aggregate, and analyze health IT safety events and hazard reports.

The aviation industry continually improves passenger safety by engaging pilots in self-reporting of errors and dangerous conditions through an offer of immunity from sanctions. The federal Patient Safety Act of 2005 provides an analogous environment allowing physicians in the outpatient setting to voluntarily report and share quality and patient safety information to AHRQ-certified PSOs without fear of legal discovery. Most physicians are familiar with the secure nature of communications when they are involved in hospital quality improvement activities. The information, documents, discussions and committee reports generated under the hospital’s umbrella of quality programs are held confidential and privileged. Privileged communications cannot be disclosed and used in medical litigation without consent. PSOs offer an analogous umbrella of protection for physicians in the ambulatory setting. Physicians may voluntarily report patient safety issues or quality data from their outpatient practices to a PSO on a privileged and confidential basis. The PSO can aggregate and analyze information from multiple physicians and healthcare entities to help identify, prioritize and reduce hazards that impede quality care.

The legal protections offered to physicians through PSOs are not currently extended to EHR vendors. They should be, and I will endorse that change in my comments to ONC’s Health IT Safety Plan. But even without this change there are ways for EHR vendors to safely engage with PSOs today. Let’s consider one such scenario:

Fictional scenario: Community physicians and several EHR vendors are associated with the same patient safety organization (PSO). Dr. X is one of the physician members and his EHR vendor, VendorZ, is an analytical contractor with the PSO. After entering a digoxin dose in his EHR’s Medication Reconciliation screen, Dr. X discovered that the dose displays with a misplaced decimal point on the Medication History screen. He reports this dangerous dosing error to his PSO as a patient safety issue. The PSO notifies VendorZ. VendorZ begins working with Dr. X’s office to resolve the issue. Because VendorZ is an analytical contractor with the PSO to which this patient safety issue was reported, the reported problem, analyses, results and recommendations are confidential and privileged. When a solution is identified, there is no legal threat that disincentivizes the PSO or VendorZ to withhold this known problem and solution from other physicians in the PSO who use the same EHR. The PSO notifies all of those physicians who are members of the PSO and proactive work is done to prevent this same problem from harming patients in other practices.

EHR vendors are not inclined to openly discuss EHR problems when there is the threat of litigation against them for doing so, similar to fears physicians have with discussions of their own medical errors. But this fictional scenario exemplifies one plausible way for EHR vendors and physicians to collaborate on health IT risks today under the protective umbrella of PSOs.

As stewards of safe, quality care physicians should have a basic understanding of PSOs and carefully consider opportunities that arise to engage with a PSO on initiatives to improve outpatient care in their community. EHR vendors should demonstrate a similar stewardship by helping educate physicians about PSOs and engaging with physicians through PSOs to improve the safety of their EHR products.

Last Thursday the National Coordinator of ONC, Dr. Farzad Mostashari, took my genetics analogy one step further in his keynote speech at the HIMSS12 Annual Conference for health IT in Las Vegas. And I have to admit that he improved upon it. I guess that's why he's in Washington D.C. and I'm not.

Dr. Mostashari warned the 36,000 conference attendees that along with this continued progress there are two other societal trends to align health IT with. He advocated for "twisting health IT to create a triple strand of DNA" with payment reform and patient empowerment.

Health IT, payment reform and patient empowerment. The triple strand of DNA to splice into the healthcare industry. I like that.

Payment reform is seriously needed to align incentives with the provision of quality care in an efficient manner. Right now I am basically paid to "encounter" patients and to do procedures. Although I am personally motivated to provide high quality care, the incentives are oddly there for physicians to "see more" and "do more" rather than to "see it done best". In addition, my documentation is based on meeting reimbursement rules to make sure I get paid rather than being based on communicating a clear picture of my findings and care plan. I absorb the extra time it takes to do both.

Consequently it is no surprise that for decades EHR vendors developed products based on episodic care. Physician's sought out products that would help them document and get paid for patient encounters. Documentation templates and charge capture functionalities were developed to maximize chances for reimbursement.

The potential for EHRs to improve quality and chronic disease management is just now starting to be realized. The ONC's health IT initiatives enacted by CMS under the HITECH portion of the 2009 Recovery Act are providing the push. But as payment reform proceeds, whether it be value-based purchasing, accountable care or some other program, EHR vendors will be incentivized even more to shift development efforts into chronic disease management and clinical decision support that are a basis for improving patient care.

And the third strand of DNA to splice into the healthcare industry, patient empowerment, is indeed an active and growing societal influence. But I will have to blog about that another day...

Today I (as @drmattmurray) and @TexMed moderated our first Twitter Chat that focused on the topic of e-prescribing. To participate in a Twitter Chat a physician must have a Twitter account and must know the date, time and Twitter hashtag for the Twitter Chat. In our case the hashtag-- #eRx630--refers to e-prescribing and the date, June 30th, by which time physicians must meet the CMS requirements regarding the use e-prescribing. Physicians who fail to use a qualified e-prescribing system or certified EHR to enter at least 10 e-prescriptions during eligible Medicare encounters will incur a 1% penalty on 2012 Medicare claims. On the other hand, those who meet this requirement are eligible for a 1% bonus.

Despite the high importance of this subject matter, there were not any other physicians participating on this particular Twitter Chat. At least none that we heard from. It was lonely.

However, we considered this to be an experiment and a chance to experience what it is like to actually moderate a Twitter Chat. Without a lot of participating "chit-chat", it was difficult to coordinate questions and answers with my friends @TexMed and @TexMedHIT. We basically asked each other questions or even asked ourselves for our own answers. I think we did get out some excellent information, but this would have been more valuable with some active back-and-forth dialogue. Again, though, the purpose of this venture was to dip our toes in the water to see how this type of format could be used in the future.

Twitter Chat among physicians will certainly have challenges, but I think it will find it's place as a useful mode of communication for specific purposes and in certain situations. The format will need to be refined, and this means we will have to try it (like today!), experiment with it, refine it and keep doing that PDSA thing to it (Plan-Do-Study-Act). Eventually it will find a place where it serves as an effective way to communicate some things. I already have found Twitter useful at large medical conferences that use a hashtag to communicate real-time information. It is a matter of finding the right niches.

One of the useful aspects of a Twitter Chat is that a transcript can be created of the entire conversation. This means that you don't have to be "online" and engaged in the Twitter stream for the entire duration of the chat. Since most physicians are hard pressed to find an un-interrupted hour, they would find it very helpful to be able to access and peruse the transcript at their leisure.

American Medical Association (AMA) President, Cecil B. Wilson, M.D., said in an AMA Commentary this week, "Physicians should take the time to explore their practice needs, assess their practice's readiness to adopt health IT and select the right system for the practice --and its patients". This is wise advice that I wholeheartedly agree with.

I also agree that the successful adoption and meaningful use of electronic health records (EHRs) impose many new challenges onto physician practices and that overcoming these barriers is especially difficult for physicians in small practices or solo practices that are constrained by limited resources. My only disappointment with Dr. Wilson's message to physicians is that it failed to highlight how Regional Extension Centers (RECs) can be leveraged by physicians to address these issues with EHR adoption and use.

The HITECH portion of the 2009 Reinvestment Act (ARRA) included over $677 million in grant funds to establish RECs across the nation to cover every geographic region. The purpose of each REC is to provide consulting services to physicians that help them overcome many of the described barriers to the adoption and use of EHRs. It is important for physicians to know that the RECs receive federal subsidies specifically based on and proportionate to the number of primary care physicians in solo or small group practices (<10 physicians) that they successfully help adopt, implement and meaningfully use an EHR. In other words, RECs are financially dependent on providing effective health IT consulting services to a segment of physicians who have the greatest need for such services.

In Texas there are four RECs including the North Texas REC (NTREC) for which I volunteer time as Board Chairman. Other Texas physicians volunteer their time to comprise 50% of the governing boards for each of the four RECs. Our goal is to ensure that our RECs are physician-friendly and remained focused on providing high quality services that meet the technology needs of small physician practices in each region. Texas RECs collaborated with each other to create a common business plan that leverages the federal subsidies to charge Texas physicians a token fee of $300 for IT consulting services worth over $5,000.

NTREC will receive 100% of their allotted subsidies if we successfully help 1,500 physicians adopt EHRs and achieve meaningful use. Since last October more than 500 North Texas physicians have enrolled for NTREC services; over half of them have already successfully implemented an EHR and are now working on the achieving meaningful use of their investment.

My hope is that physicians in other states will emulate our efforts by actively engaging in the governance of their region's RECs to ensure that they are physician-centric and remain focused on addressing the unmet needs of the small physician practices.

Case study: A plaintiff claims that his physician sent him an e-mail with poor medical advice that led to an adverse medical event. The defendant physician agrees that the e-mail in question provides grossly negligent advice, but claims that she never sent such an e-mail. Unfortunately, the physician had been using her own, personal home e-mail program to communicate with patients without using encryption or authentication software. A costly investigation eventually proved that the e-mail had originated from an unknown third-party spammer who used a technique called “spoofing” to insert the physician’s e-mail address into the "From" field in the e-mail that was sent to the patient.

Although this physician avoided a malpractice suit, she bore the financial burden of a technical investigation to prove the e-mail was not from her. This is only one example of a number of privacy and security issues with physician-patient e-mail. But these problems are avoidable and e-mail can be safely used if the physician can be sure of four things:

They are using the authentic e-mail address of the patient

A message received from the patient has actually been sent from their authentic e-mail address

Each message (sent or received) has not been changed while traversing across the Internet

Only the physician and the patient are able to read each other’s e-mail messages

E-mail encryption programs and secure messaging programs both provide safeguards that ensure this level of privacy and security needed for physician-patient e-mail. From a legal perspective, these technologies, when combined with appropriate procedures of use, make it very difficult for someone to successfully repudiate (deny sending or receiving) an e-mail in a legal situation. As noted in this case, regular home and business e-mail programs do not typically include such safeguards.

The Texas Medical Board (TMB) specifically requires physicians to “authenticate” patients prior to initiating e-communications, and to only use e-communications with established patients. Although the TMB does not specify how this is to be accomplished, the procedure typically involves “identity proofing” patients during an office visit. Patients physically present themselves to an office staff member who is authorized to register new “users” into the physician’s secure e-mail system. After being registered in the system, the patients will receive the “credentials” that allow them to receive and send messages through that system. The type of e-mail system used by the physician determines the type of “credentials” the office will provide. The credentials may be a password, a biometric feature (i.e. finger print), or a physical device such as a CD, smart card, or thumb drive that contains a password “key”.

After the patient is identity proofed, secure e-mail systems are able to use built-in “authentication” technologies to ensure:

a message received has actually been sent from the credentialed patient’s mailbox

a message sent or received has not been changed while it traveled over the Internet

a message sent can only be received and decoded by the credentialed patient.

Taking care to set up authentic e-mail accounts with identified patients and using an e-mail program (encrypted e-mail or secure messaging) that includes "authentication" technologies are necessary to establish the trust needed when engaging in private medical conversations. In addition, these work flow procedures and technologies will help the physician stay within HIPAA regulations that require encryption when PHI is sent over the Internet.

An ambulatory electronic health record (EHR) can be provided to the physician practice through one of two different models:

Web-based-- also referred to as a "hosted EHR" or the "ASP Model" where the physician accesses the EHR through an Internet connection

Client-Server (C/S)-- the traditional model where the EHR server may physically resides in the physician's office

Both models are considered to be acceptable, but each has inherent pros and cons to consider. The traditional model of choice has been the “client-server” model. In this model the EMR software is installed on a server that is typically located in the physician’s office. The physician and staff access the EMR through computer devices that are connected to the server through a local area network (LAN) set up in the office. The computers may be connected wirelessly to the network if desired. This model has a few similarities to loading Quicken on your home computer and then using Quicken to pay bills online:

After loading Quicken onto your computer you will periodically be advised by Quicken to take "updates" to fix known "bugs" in the software. Similarly, you will load the EHR software onto the server in your office and physically download any updates to fix "bugs" that the vendor discovers and fixes.

Microsoft periodically advises you to take security updates on your home computer. Similarly, the EHR server will need to take periodic updates from Microsoft.

You may later decide to upgrade Quicken to its latest version, and then purchase and install the Quicken upgrade on your computer. Similarly, you will want to upgrade your EHR software periodically, usually every 12-18 months.

You may decide in the future to purchase a new home computer that is faster; you will have to then load the Quicken software onto that new computer and transfer all of your old Quicken data to the new computer. Similarly, you will need to periodically replace the EHR server with a newer one that is faster, stronger and/or meets future recommended requirements of the EHR software. And make sure your data gets transferred as well.

The web-based model is gaining popularity. In this model the EHR software is located on a server at a remote location designated and hosted by the EHR vendor. The physician and staff access the EHR through the Internet on computer devices in the office. This is analogous to online banking that you access on your home computer and use to pay your bills online (instead of using Quicken). Using this analogy:

You will not physically have to take updates because the bank will update the software themselves

Microsoft will not ask you to take Microsoft security updates to the online banking server because the bank hosts the server and will do that themselves

When there is an upgrade to the online banking software, you do not have to purchase and physically load that software on your computer because the bank does that on their server that you are simply accessing.

If the online banking server is too slow you will not have to purchase a new server, the bank will do that (if enough customers complain)...and they will migrate your data over to that new server)

Here is a comparison chart for these two EHR models:

Personally, the business side of me is strongly averse to allowing a 3rd party vendor to take care of the “heart and soul” of my practice (i.e. the revenue dollars and the clinical data). Hence, in private practice I would strongly favor keeping the server in-house. However, the clinic I currently work at is a small part of a large academic institution. For our ambulatory EMR I am leaning toward recommending a web-based model. The presence of an institutional IT Department whose primary purpose is to support the education of thousands of students, not to understand and dedicate the resources needed to provide a high level of clinical IT support required for a clinician using an EHR. And I know who is most likely to get trumped down the road when conflicting priorities arise!

Why should primary care physicians sign up for REC services? What are the unique selling points and assistance they will receive as compared to other consultant organizations?

These are excellent questions I am hearing from physicians in Texas regarding the four RECs that cover our entire state. The RECs are subsidized by the federal government through the Health Information Technology for Economic and Clinical Health (HITECH) Act which appropriated $640 million in REC grant funds to create 62 RECs across the nation, including the four in Texas.

Primary care physicians in Texas should use REC services because they will receive a steep discount for high quality services that are provided through a trustworthy, physician-centric organization that was specifically created to meet the technological needs of physicians in their region.

In Texas the four RECs have collaborated to develop a shared business plan that leverages the federal subsidies to provide onsite technical consulting for a token fee of $300. For this $300 enrollment fee Texas physicians receive over $5,000 in consulting services which include:

EHR implementation and project management;

HIT education and training;

Vendor selection and financial consultation;

Practice and workflow redesign;

Privacy and security compliance education;

Meaningful use analysis, tracking, and monitoring;

Assistance in meeting meaningful use requirements for CMS incentives;

Collaboration with state and national health information exchange (HIE);

Ongoing technical assistance; and

Opportunities for CME credit hours

In addition to this steeply discounted enrollment fee, the Texas Medical Association (TMA) works closely with the RECs to help ensure that the RECs are physician-centric and focused on meeting physician needs. Physicians hold 50% of the seats on each REC's governing board as a result of the TMA’s early efforts.

Another unique selling point is that the REC technical consultants are specifically focused on, and experienced with, the small physician practice. Other IT consultants naturally give priority to large practices or healthcare systems where they get large amounts of money from a small number of contracts. The REC consultants, on the other hand, only get a small amount of money per contract, but they get a large number of them. This business strategy allows them to become more experienced with and more focused on the small practice. The REC administrative staffs enable this strategy by facilitating the enrollment of a large number of physicians and by using the REC federal grant funds to offer physicians the steep discount.